-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 07 Feb 2022 21:30:48 +0100
Source: zabbix
Binary: zabbix-agent zabbix-frontend-php zabbix-java-gateway zabbix-proxy-mysql zabbix-proxy-pgsql zabbix-proxy-sqlite3 zabbix-server-mysql zabbix-server-pgsql
Architecture: source
Version: 1:3.0.32+dfsg-0+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Dmitry Smirnov <onlyjob@debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
 zabbix-agent - network monitoring solution - agent
 zabbix-frontend-php - network monitoring solution - PHP front-end
 zabbix-java-gateway - network monitoring solution - Java gateway
 zabbix-proxy-mysql - network monitoring solution - proxy (using MySQL)
 zabbix-proxy-pgsql - network monitoring solution - proxy (using PostgreSQL)
 zabbix-proxy-sqlite3 - network monitoring solution - proxy (using SQLite3)
 zabbix-server-mysql - network monitoring solution - server (using MySQL)
 zabbix-server-pgsql - network monitoring solution - server (using PostgreSQL)
Changes:
 zabbix (1:3.0.32+dfsg-0+deb9u2) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2022-23134: after the initial setup process, some steps of setup.php
     file are reachable not only by super-administrators, but by
     unauthenticated users as well. Malicious actor can pass step checks and
     potentially change the configuration of Zabbix Frontend.